Encryption is another really valuable tool that you have in your arsenal to protect yourself from scams and hackers and other people who would do you no good. Unfortunately, a lot of people don’t really understand what encryption is, or assume that it’s so difficult that they don’t even bother with it, when it’s relatively easy to use. It’s certainly widely available. And there’s really no good excuse to not using encryption.
Now one important distinction I draw, first of all, is there’s a difference between something that’s just password protected and something that’s encrypted. Microsoft Word, several versions ago, would allow you to password protect a document without actually encrypting it. So imagine, if you will, an old fashioned paper file folder with a chain and a lock around it. This is actually a good way of describing how a password protected document works. The contents of the document are still whole. They’re still readable and they’re there, they’re just behind a layer of security. And if you can break that fairly simple layer of security, if you have a bolt cutter and you can snap that lock, you open up the folder and you’ve got the documents all there to read. In this case, the password protected document, the way that lock would be broken is usually by running it through a bruteforce tool which would just simply enter different passwords continually until it finds the right combination of letters and characters.
Encryption is a different sort of tool. What encryption actually does, is it takes the contents of the document and it scrambles it so that if you were to look at the contents of the document while it’s encrypted, you would just see gibberish. You would see what you see in the lower right hand corner which is a random string of characters and letters and numbers, which wouldn’t mean anything. In order to decrypt the data, you need access to the key, which is like a password. It’s the decryptor tool that takes that encrypted data and puts it back into the correct order so that it’s readable.
One thing to keep in mind with encryption in general, especially in the online age, is always ask yourself who holds the key. If you’re sending encrypted data around online through a vendor, but you’re never having to enter a password, what that probably means is that the vendor is in fact encrypting the data but they’re holding the key. Which means that they have the ability to decrypt it at any given time. That’s not necessarily a bad thing, but you need to make sure that you review your terms of service so you know under what circumstances would they decrypt that data.
In terms of what can be encrypted, obviously hard drives and data can be encrypted while it’s on your computer. There’s full disk encryption tools that will allow you to encrypt your entire laptop or your entire mobile device. You really should be considering using those on mobile devices. They offer the great advantage that if your laptop is encrypted, with full disk encryption, and you do lose it, you leave it behind someplace and somebody picks it up, then unless they have your password with your key to decrypt that hard drive, they’re not going to be able to get into your data. You can also encrypt specific files, you can create encrypted folders that will hold a wide range of files, you can encrypt thumb drives, and you can even encrypt mobile devices. So you can encrypt just about any device that stores data.
Now there’s also the question of data that goes online. We just mentioned this. If you’re storing data online, there’s two things you have to think about. And that’s the encryption in transit, and the encryption at rest. Encryption in transit means, as that data is moving from point A to point B, so from your computer to the third party server, you want it to be encrypted in transmission. You also want it to be encrypted at rest, which means that it’s encrypted once it’s on their server, the third party server. Look into both. Again, ask yourself who holds the key. This is often an option with different service providers. Some will let you hold the key yourself. That’s a good idea if you want to maximize your security. The only thing that you need to keep in mind, is that if you do lose that key and your data is encrypted and they don’t have a copy of your key, then that data is essentially lost. You’re not going to be able to get it back.
The biggest note that we can make with encryption is just that you need to take the step of actually using it. it’s really not that hard. There are a number of tools on the market. Things like TrueCrypt, which are completely free. Most security tools that offer virus scanning also include encryption tools. There’s really no excuse not to use it. So you just have to get in the habit and make sure that you’re encrypting these documents when you’re sending them, that you’re encrypting your hard drive, you’re making sure that you’re using proper encryption when you’re using online services as well.